The 401st Blow :: Thoughts On Media

Android Malware Alert

Posted in Software, Technology by Noah Harlan on March 2, 2011

Google today pulled 21 popular free apps from the Android Market after discovering that they were all malware. They had been downloaded by somewhere between 50,000 and 200,000 users. It is advised that users actually take their phones back to the carriers and get them replaced.

What’s worse is that the apps were largely knock-offs of well known apps. So not only does this reveal the problem with security but it also underlines, once again, the issue with IP infringement. The publisher who created the malware was able to download existing apps, inject root exploits into them and then re-upload them to the market.

The way the malware was discovered (by the AndroidPolice) is very revealing:

Link to publishers apps here. I just randomly stumbled into one of the apps, recognized it and noticed that the publisher wasn’t who it was supposed to be.

So a very savvy user recognized that the publisher name was wrong. Tell me, without looking, who the proper publisher is of each app on your phone… yeah, thought so.

Initially they thought it was just pulling phone info (your user ID, phone ID, etc…) which would be bad but then they discovered that it actually has the ability to download more exploits and install them on your device. That’s the ultimate nightmare scenario and why you have to return your phone. Google is remotely wiping all these apps from user’s phones but they can’t remotely wipe any malware that the malware itself has downloaded onto your device. This is truly the worst type of exploit and something you’re going to see a lot of in the future.

This is exactly why the Apple curation model is vital to a successful app ecosystem. If users become afraid of downloading apps then the number of apps downloaded will plummet and developers will not have an incentive to keep working. What’s worse is that you have to go back to a store and beg them to replace your phone. This is just a nightmare and one that will get worse and worse unless Google gets its act together.

That’s strike two for Android today.

Here are the apps:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • APP Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠


Tagged with: , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: